<?php

class model_user extends model
{

	public function login($username, $password)
	{
		$session = bone::get_session();
		$ip = $_SERVER["REMOTE_ADDR"];
		$times = $session->get( $ip );
		if( !$times ) $times=0;
		$times++;
		if($times>10)
		{
			$this->set_error('系统检测到您的登陆行为异常, 限制登陆!');
			return false;
		}
		$session->set( $ip, $times );


		$db = bone::get_db();
		$user = $db->get_object( 'SELECT * FROM `bone_user` WHERE `username`=\''.trim($username).'\'' );

		if($user)
		{
			if($user->is_admin==0)
			{
				$this->set_error('该用户没有登陆后台权限!');
			}
			else
			{
				if( $user->password == md5($password) )
				{

					if($user->block==1)
					{
						$this->set_error('您的账号被屏蔽， 请和管理员联系!');
						return false;
					}

					$session->clear( $ip );
					$user = bone::get_user( $user->id );
					$user->is_admin = 1;
					$session->set('user', $user );

					$db->execute( 'UPDATE `bone_user` SET `last_visit_time`='.time().' WHERE `id`='.$user->id );
					return $user;
				}
				else
				{
					$this->set_error('密码错误!');
				}
			}
		}
		else
		{
			$this->set_error('用户名不存在!');
		}
		return false;
	}

	// 退出
	public function logout()
	{
		$session = bone::get_session();
		$session->clear('user');
		return true;
	}


	public function get_user_total( $key=null )
	{
		$db = bone::get_db();
		if($key)
			return $db->get_result( 'SELECT COUNT(*) FROM `bone_user` WHERE `username` LIKE \'%'.$key.'%\' OR `email` LIKE \'%'.$key.'%\' OR `name` LIKE \'%'.$key.'%\'' );
		else
			return $db->get_result( 'SELECT COUNT(*) FROM `bone_user`' );
	}

	public function get_user_list($offset=0, $limit=20, $key=null )
	{
		$db = bone::get_db();
		
		if($key)
			return $db->get_objects( 'SELECT * FROM `bone_user` WHERE `username` LIKE \'%'.$key.'%\' OR `email` LIKE \'%'.$key.'%\' OR `name` LIKE \'%'.$key.'%\'',$offset, $limit );
		else
			return $db->get_objects( 'SELECT * FROM `bone_user`',$offset, $limit );
	}
	

	public function set_admin($user_id, $status)
	{
		if($user_id==1)
		{
			$this->set_error('默认管理员禁止改动');
			return false;
		}
		$db = bone::get_db();
		return $db->execute('UPDATE `bone_user` SET `is_admin`='.$status.' WHERE `id`='.$user_id);
	}


	public function block($user_id, $block)
	{
		if($user_id==1)
		{
			$this->set_error('默认管理员禁止改动');
			return false;
		}
		$db = bone::get_db();
		return $db->execute('UPDATE `bone_user` SET `block`='.$block.' WHERE `id`='.$user_id);
	}


	public function edit($data)
	{

		$user = bone::get_table('user');
		$user->bind($data);

		$is_new = ($user->id==0);

		
		$db = bone::get_db();

		if($is_new)
		{
			if($db->get_result( 'SELECT COUNT(*) FROM `bone_user` WHERE `username`=\''.$user->username.'\'' ))
			{
				$this->set_error('已存在此用户名');
				return false;
			}

			if($db->get_result( 'SELECT COUNT(*) FROM `bone_user` WHERE `email`=\''.$user->email.'\'' ))
			{
				$this->set_error('已存在此邮箱');
				return false;
			}
		}
		else
		{
			if($db->get_result( 'SELECT COUNT(*) FROM `bone_user` WHERE `id`!='.$user->id.' AND `username`=\''.$user->username.'\'' ))
			{
				$this->set_error('已存在此用户名');
				return false;
			}

			if($db->get_result( 'SELECT COUNT(*) FROM `bone_user` WHERE `id`!='.$user->id.' AND `email`=\''.$user->email.'\'' ))
			{
				$this->set_error('已存在此邮箱');
				return false;
			}
		}

		if( $user->password!="" )
			$user->password = md5($user->password);
		else
			unset($user->password);

		if($is_new)
		{
			$user->register_time = time();
			$user->last_visit_time = time();
		}
		else
		{
			unset($user->register_time);
			unset($user->last_visit_time);
		}

		if($user->id==1)
		{
			$user->is_admin = 1;
			$user->block = 0;
		}
		
		$user->save();


		if($is_new)
		{
			$config = bone::get_config('system');

			$subject = $config->site_name.'管理员为您添加了一个账号';
			$body = '账号信息如下:<br>';
			$body .= '用户名:'.$user->username.'<br>';
			$body .= '密码:'.$data['password'].'<br>';
			$body .= '邮箱:'.$user->email.'<br>';
			$body .= '名字:'.$user->name.'<br><br>';
			$body .= '请记好您的用户信息，点击这里访问 <a href="'.$config->site_url.'" target="_blank">'.$config->site_name.'</a>';
			
			$mail = bone::get('mail');
			$mail->set_subject($subject);
			$mail->set_body($body);
			$mail->to($user->email);
			$mail->send();
		}

		return $user->id;
	}

}
?>